The focus of the DHS effort will be to encourage industry to develop and demonstrate cybersecurity prototypes “in an operational environment” to protect the nation’s critical infrastructures, according to the department's broad agency announcement (BAA).
DHS is looking for research and development proposals to improve cybersecurity in 14 technical areas: software assurance, enterprise-level security metrics, usable security, insider threats, resilient networks, attack modeling, network mapping and measurement, incident response, cyber economics, digital provenance, hardware-enabled trust, moving-target defense, nature-inspired cyber health, and software assurance market place.
The last five of these areas fall under the Comprehensive National Cybersecurity Initiative (CNCI), which is an initiative launched by the Bush administration in early 2008 to strengthen cybersecurity of critical infrastructure. The CNCI came under attack from Congress and the Government Accountability Office for its lack of transparency. In response, Howard Schmidt, the White House Cybersecurity Coordinator, announced last year that the classification guidance for the CNCI would be loosened.
According to the DHS BAA, the vision of the CNCI is to "transform the cyber-infrastructure to be resistant to attack so that critical national interests are protected from catastrophic damage and our society can confidently adopt new technological advances….The only long-term solution to the vulnerabilities of today's networking and information technologies is to ensure that future generations of these technologies are designed with security built in from the ground up."
Companies interested in submitting proposals should visit the FedBizOpps.gov website or contact Catherine Collins, a DHS contract specialist.